Resources
Providing you the latest industry-specific news and insights.
- article
Avaddon Ransomware Hits AXA
Avaddon ransomware allegedly attacked European insurance provider AXA shortly after the company announced that it will stop paying ransoms for its clients. Our analysis provides an in-depth look at Avaddon’s tactics and recommended mitigations.
Read more - article
Colonial Pipeline Breached by Darkside Ransomware Group
On Saturday May 8, US Colonial Pipeline announced that they were victim of a ransomware attack that affected their network on Friday May 7. US Colonial Pipeline is said to be the largest fuel pipeline in the United States and the main source of…
Read more - article
The Hidden Costs of Cybercrime
This year, the global cost of cybercrime is expected to hit $6 trillion.[i] Up from $3 trillion in 2015, it’s nothing short of a big, flourishing business whose operators are relentless innovators.
Read more - article
Black Kingdom Returns to Exploit Zero-Day Vulnerabilities in Unpatched Microsoft Exchange Servers
Black Kingdom ransomware recently resurfaced to target a zero-day vulnerability in Microsoft Exchange servers.
Read more - article
Microsoft Exchange Server Zero Day Hack Insight
On March 2, 2021, Microsoft disclosed and provided security updates for four [4] critical vulnerabilities — CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065 — impacting on-premises Microsoft Exchange Servers.
Read more - article
Don’t Drink from That! Gootloader Watering Hole Leads to REvil Attack
REvil, more commonly referred to as Sodinokibi, is one of the most prolific ransomware threat groups currently active in the cyber extortion space. In the past year alone, Arete has responded to countless incidents where REvil has facilitated…
Read more - article
Cybersecurity Trends: What We Saw in 2020, What We Expect to See in 2021
Where change seems a constant, perhaps the biggest and most surprising cybersecurity issue of 2020 was a lack of change. But before we get to that, let’s look at some other key cybersecurity trends. A CONTINUED RISE IN RANSOMWARE ATTACKS Kidnapping…
Read more - article
Egregor: The Ghost of Soviet Bears Past Haunts On
Egregor ransomware, a sophisticated RaaS platform, uses data exfiltration and brazen negotiation tactics to target major sectors like manufacturing and retail and caters to experienced affiliates.
Read more - article
The Road Back: Recovery from a Malware Attack in the Long Term
Arete Incident Response is currently answering the call of duty for about 60 companies per month who have experienced malware intrusions. These are mostly ransomware or business email compromise attacks. Arete’s primary goal is to restore what was…
Read more - article
Universal Encryption
Ransomware variants like Ryuk, WastedLocker, and Dopplepaymer are also file level encryption. These groups will gain access to the network and perform reconnaissance to identify the victim, understand their business, identify critical systems, and…
Read more - article
System Specific Encryption
Ransomware variants like Phobos, Dharma or CryLock are file level encryption. The TA gains access to the system, copies specific encryption executables onto the systems then runs the executables to encrypt the files. The results are files with a new…
Read more - article
Maze Ransomware: Is Posting Data Counterproductive?
In 2020, Maze Ransomware began utilizing both encryption and data exfiltration in an attempt to maximize ransom payments, but these tactics may backfire by adding additional incident response costs for victims.
Read more